Penetration Testing mailing list archives
Re: RSA SecurID sdconf.rec file
From: "Kelly Keeton" <kellyrkeeton () gmail com>
Date: Mon, 28 Jul 2008 10:26:43 -0700
you want to use your RSA server to change information in it. its no good if you hack it up as there is verification on the file integrity. you are correct you need to use the admin console to edit it. there is no reason to change it out of the admin interface as your admin interface needs to know of the host record for the client wanting to auth against the server. so you would only get one way communication with hacking the file.. other then just pentesting the new 7.1 there isnt any "working server" that you get from this. I would suggest that you call support and see if there is any tool that you can use for your testing. (this was all changed in 6.0 as you stated) On Tue, Jul 22, 2008 at 2:00 AM, Littlebighuman <littlebighuman () gmail com> wrote:
Hi, I'm looking for any information on the RSA sdconf.rec file. What kind of encryption (if any) is used etc. Secondary I would like a way to edit it, change IP-addresses for example. I think In 5.x versions of SecurID there was a utility included with the server which you could use for that. Later in 6.x you could only do it through the admin interface. The server I'm working on now is a 7.1, which doesn't have it. Does anyone have any experience with this file? I did find a Perl extension for SecurID, but it seems very old (I'm currently looking into that). Regards, Seb ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes inSecuring Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- RSA SecurID sdconf.rec file Littlebighuman (Jul 25)
- Re: RSA SecurID sdconf.rec file Kelly Keeton (Jul 28)
- Re: RSA SecurID sdconf.rec file Seb (Jul 31)
- Re: RSA SecurID sdconf.rec file ॐ aditya mukadam ॐ (Jul 29)
- Re: RSA SecurID sdconf.rec file Kelly Keeton (Jul 28)